Protection against Intrusion

To harden our IBAN servers against intrusion, we have taken these measures:

Password-based login into a command line shell is disabled. Login is only possible with keypairs which are only in possession of employees of Theano GmbH. Typical hacker tools which systematically try passwords should therefore not help with breaking into the system.

Even if a hacker would successfully intrude, the account data are protected. While we do log them in order to be able to document which calculations we did for you, we only log them in encrypted form (with GPG). Only the public key is present on the server. Therefore, decryption, for which the private key would be needed, is not possible based on the data which exist on the server.

Protection against data loss

Our servers are equipped with RAID-1 hard drives, which means that hard drive failures do not lead to an interruption of service or loss of data, unless both drives in a server fail at the same time (or at least in short enough succession for us to not yet have repaired the first drive when the second one fails).

We back up data daily, so even in case an entire server is destroyed, the loss of data is limited to the changes from the last 24 hours.

Reliability

We use multiple servers which run 24 hours a day in different computer centers (some of them in different German cities). Another server monitors the reachability of the IBAN servers and redirects your requests to a backup server within minutes in case the main server does not respond. More details...